Some of the coolest gifts on the shelves this year have security flaws that leave them vulnerable to hacking and could put children at risk.
Consumer safety group Which? researched connected toys for 12 months, and found vulnerabilities in the , I-Que Intelligent Robot, CloudPets and Toy-fi Teddy. It found that these toys use unsecured Bluetooth connections and it would be “too easy” for someone to use them to talk to a child.
“That person would need hardly any technical know-how to ‘hack’ your child’s toy,” the report warned.
Which? noted that Bluetooth range is usually limited to about 10 metres, so the main concern would be people nearby with malicious intent. However, it wouldn’t be impossible to extend Bluetooth range.
As more toys add Wi-Fi and Bluetooth connections to pack in new skills and features, regulators have kept a wary eye on them for security vulnerabilities. Earlier this year, German regulatorssmart doll from the market after classifying it as an “espionage device.” And for leaving account information and voice recordings exposed online.
CNET reached out to Spiral Toys (which makes CloudPets and Toy-fi Teddy), Furby-maker Hasbro and Genesis Toys, which makes the I-Que Robot. They did not immediately respond to a request for comment.
You can see the results of the study in the video from Which?, below:
Can smart toys ever be safe?
The Smartest Stuff: Innovators are thinking up new ways to make you — and the world around you — smarter.